Re: .kde directory (complete)

[Russell Coker <russell@coker.com.au>]

On Mon, 28 Oct 2002 14:01, Achim Bohnet wrote:
> > > > avc:  denied  { search } for  pid=2935 exe=/usr/X11R6/bin/XFree86
> > > > path=/rjc/.kde dev=03:07 ino=2673 scontext=rjc:user_r:user_xserver_t
> > > > tcontext=system_u:object_r:user_home_t tclass=dir
> > > >
> > > > Why would XFree86 be attempting to search my ~/.kde directory soon
> > > > after "startx" is run?  Searching a directory means opening a file or
> > > > directory that is under that directory or changing directory to that
> > > > directory.
> > >
> > > Ummpfff.  /usr/bin/kde3 plays again games with the font path :(
> > > Should be at least be wrapped with something like:
> >
> > I'm not sure I understand your message, are you suggesting that the kde3
> > script adds a directory under ~/.kde to the font path before the X server
> > is started?
>
> It checks for some path and if exists adds them via xset to fontpath
> (search for 'font' in /usr/bin/kde3) after X server is started.

Thanks for that, I understand now.

What do you think I should do for the default SE Linux security policy in this 
regard?  Should I setup dontaudit rules so that users aren't bothered by such 
messages?  Or would that be too likely to confuse people who have font paths 
in their home directory?

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page